      1 /*	$NetBSD: aclconf.h,v 1.1 2024/02/18 20:57:59 christos Exp $	*/
      2 
      3 /*
      4  * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
      5  *
      6  * SPDX-License-Identifier: MPL-2.0
      7  *
      8  * This Source Code Form is subject to the terms of the Mozilla Public
      9  * License, v. 2.0. If a copy of the MPL was not distributed with this
     10  * file, you can obtain one at https://mozilla.org/MPL/2.0/.
     11  *
     12  * See the COPYRIGHT file distributed with this work for additional
     13  * information regarding copyright ownership.
     14  */
     15 
     16 #ifndef ISCCFG_ACLCONF_H
     17 #define ISCCFG_ACLCONF_H 1
     18 
     19 #include <inttypes.h>
     20 
     21 #include <isc/lang.h>
     22 
     23 #include <dns/geoip.h>
     24 #include <dns/types.h>
     25 
     26 #include <isccfg/cfg.h>
     27 
     28 typedef struct cfg_aclconfctx {
        	/*
        	 * ACL configuration context: created by cfg_aclconfctx_create() and
        	 * passed as 'ctx' to cfg_acl_fromconfig()/cfg_acl_fromconfig2().
        	 *
        	 * The layout depends on HAVE_GEOIP2 ('geoip' is compiled in only
        	 * when it is defined), so the offset of 'references' differs between
        	 * the two builds; code that touches the fields directly must be
        	 * compiled with the same HAVE_GEOIP2 setting as the code that
        	 * allocated the context.
        	 */
        	/* List of dns_acl_t; presumably the nested ACLs already built for
        	 * named ACLs through this context, kept so later references can
        	 * share them -- confirm against the implementation. */
     29 	ISC_LIST(dns_acl_t) named_acl_cache;
        	/* Memory context; presumably the 'mctx' given to
        	 * cfg_aclconfctx_create() -- confirm. */
     30 	isc_mem_t *mctx;
     31 #if defined(HAVE_GEOIP2)
        	/* Present only in HAVE_GEOIP2 builds. */
     32 	dns_geoip_databases_t *geoip;
     33 #endif /* if defined(HAVE_GEOIP2) */
        	/* Reference count; cfg_aclconfctx_detach() removes a reference and
        	 * deallocates the structure when the count reaches zero. */
     34 	isc_refcount_t references;
     35 } cfg_aclconfctx_t;
     36 
     37 /***
     38  *** Functions
     39  ***/
     40 
     41 ISC_LANG_BEGINDECLS
     42 
     43 isc_result_t
     44 cfg_aclconfctx_create(isc_mem_t *mctx, cfg_aclconfctx_t **ret);
     45 /*
     46  * Creates and initializes an ACL configuration context.
     47  */
     48 
     49 void
     50 cfg_aclconfctx_detach(cfg_aclconfctx_t **actxp);
     51 /*
     52  * Removes a reference to an ACL configuration context; when the reference
     53  * count reaches zero, clears the contents and deallocates the structure.
     54  */
     55 
     56 void
     57 cfg_aclconfctx_attach(cfg_aclconfctx_t *src, cfg_aclconfctx_t **dest);
     58 /*
     59  * Attaches a pointer to an existing ACL configuration context.
     60  */
     61 
     62 isc_result_t
     63 cfg_acl_fromconfig(const cfg_obj_t *caml, const cfg_obj_t *cctx,
     64 		   isc_log_t *lctx, cfg_aclconfctx_t *ctx, isc_mem_t *mctx,
     65 		   unsigned int nest_level, dns_acl_t **target);
     66 
     67 isc_result_t
     68 cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx,
     69 		    isc_log_t *lctx, cfg_aclconfctx_t *ctx, isc_mem_t *mctx,
     70 		    unsigned int nest_level, uint16_t family,
     71 		    dns_acl_t **target);
     72 /*
     73  * Construct a new dns_acl_t from configuration data in 'caml' and
     74  * 'cctx'.  Memory is allocated through 'mctx'.
     75  *
     76  * Any named ACLs referred to within 'caml' will be converted
     77  * into nested dns_acl_t objects.  Multiple references to the same
     78  * named ACLs will be converted into shared references to a single
     79  * nested dns_acl_t object when the referring objects were created
     80  * passing the same ACL configuration context 'ctx'.
     81  *
     82  * cfg_acl_fromconfig() is a backward-compatible version of
     83  * cfg_acl_fromconfig2(), which allows an address family to be
     84  * specified.  If 'family' is not zero, then only addresses/prefixes
     85  * of a matching family (AF_INET or AF_INET6) may be configured.
     86  *
     87  * On success, attach '*target' to the new dns_acl_t object.
     88  *
     89  * Require:
     90  *	'ctx' to be non-NULL.
     91  *	'*target' to be NULL or a valid dns_acl_t.
         *
         * NOTE(review): 'lctx' and 'nest_level' are not described above, and
         * the failure results are not listed.  'nest_level' is presumably the
         * nesting depth of the ACL being converted, and a non-NULL '*target'
         * is presumably extended rather than replaced -- confirm both
         * against the implementation before relying on them.
     92  */
     93 
     94 ISC_LANG_ENDDECLS
     95 
     96 #endif /* ISCCFG_ACLCONF_H */
     97